extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-21 23:23:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct src-dst single exclusion

Browse Source 
Match the destination address in the output chain

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2024-03-08 11:50:49 -08:00
parent a9359d2610
commit 467cc4c252
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -1069,7 +1069,7 @@ sub add_common_rules ( $ ) {
if ( $setting & DBL_DST ) { if ( $setting & DBL_DST ) {
add_dbl_exclusion_ijump( $forward_option_chainref, $dbl_dst_target, $hostref, $dbl_ipset, 0, @state, @out_policy ); add_dbl_exclusion_ijump( $forward_option_chainref, $dbl_dst_target, $hostref, $dbl_ipset, 0, @state, @out_policy );
add_dbl_exclusion_ijump( $output_option_chainref, $dbl_dst_target, $hostref, $dbl_ipset, 1, @state, @out_policy ); add_dbl_exclusion_ijump( $output_option_chainref, $dbl_dst_target, $hostref, $dbl_ipset, 0, @state, @out_policy );
} }
$dbl_ipset = ''; # All ipset jumps have been added $dbl_ipset = ''; # All ipset jumps have been added